﻿using System.Web.Mvc;
using System.Web.Security;

namespace Web.Filters
{
    public class AuthFilterAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            var cookie = filterContext.HttpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
            if(cookie != null)
            {
                var auth = FormsAuthentication.Decrypt(cookie.Value);
                if (auth.UserData != "1" && auth.UserData != "2")
                {
                    filterContext.Result = new RedirectResult("/ErrorAuth");
                }
            }
            else
            {
                filterContext.Result = new RedirectResult("/auth");
            }
        }
    }
}